A hy­per­vi­sor is a software or firmware that fa­cil­i­tates the creation and man­age­ment of virtual machines by ab­stract­ing the hardware resources of a physical computer, allowing multiple operating systems to run con­cur­rent­ly. Rather than con­struct­ing an entire system with hardware and an operating system, it creates a vir­tu­al­ized version—es­sen­tial­ly sim­u­lat­ing a complete PC en­vi­ron­ment.

How does a hy­per­vi­sor work?

When creating a virtual machine (VM), it operates based on a non-virtual, actual machine—such as a PC. The VM is dependent on the physical hardware. Therefore, there is a layer between the two levels re­spon­si­ble for man­age­ment: the hy­per­vi­sor. The hy­per­vi­sor is software that takes over the man­age­ment of the required resources. This program, also known as a Virtual Machine Monitor (VMM), allocates resources within the system. This way, multiple and different virtual machines can run on a host system, as the hy­per­vi­sor ensures that they do not interfere with each other and all have the necessary ca­pac­i­ties available.

The hy­per­vi­sor thus creates an ab­strac­tion layer between the hardware and the operating systems running on it. It does this by dividing hardware resources into logical units and sim­u­lat­ing a unique en­vi­ron­ment for each VM. The VMs feel as though they are running directly on real hardware, even though they are sharing resources with other VMs.

Note

The strict sep­a­ra­tion between different virtual machines not only ensures a good dis­tri­b­u­tion of resources but also enhances security. The hy­per­vi­sor ensures that a guest system cannot access files from another guest system. This is es­pe­cial­ly important for testing purposes, so a faulty program does not damage other test en­vi­ron­ments.

Memory man­age­ment

In CPU vir­tu­al­iza­tion, the hy­per­vi­sor uses tech­niques like time-slicing to fairly dis­trib­ute pro­cess­ing power among VMs. Modern proces­sors have special vir­tu­al­iza­tion features (e.g., Intel VT-x or AMD-V) that support the hy­per­vi­sor and reduce overhead.

Memory (RAM) is managed through paging and mapping tech­niques. The hy­per­vi­sor assigns virtual memory addresses to physical memory blocks, so each VM sees only its own memory space. When memory is scarce, it can use mech­a­nisms like memory over­com­mit­ment or bal­loon­ing to dis­trib­ute memory ef­fi­cient­ly among VMs.

I/O and device man­age­ment

Virtual machines access hardware devices like hard drives, network cards, or graphics cards through virtual in­ter­faces. The hy­per­vi­sor emulates these devices or directly forwards requests to the physical hardware (using Direct-I/O or pass-through tech­niques). This ensures a balance between com­pat­i­bil­i­ty and per­for­mance.

Isolation and security

A sig­nif­i­cant advantage of vir­tu­al­iza­tion is the isolation between VMs. Each VM operates in its own en­vi­ron­ment, so errors or attacks in one VM have no direct impact on other virtual machines or the host system. The hy­per­vi­sor employs various security mech­a­nisms to ensure strict sep­a­ra­tion, including memory pro­tec­tion, access controls, and sand­box­ing tech­niques.

Tip

If you also want to use a virtual machine, you have a choice among different vir­tu­al­iza­tion software. For end users, options like Vir­tu­al­Box or Hyper-V, Microsoft’s vir­tu­al­iza­tion solution, are suitable choices. For large en­ter­pris­es, the vir­tu­al­iza­tion suite from VMware Broadcom is an option.

Different types of virtual machine monitors

There are two different types of virtual machine monitors: Type-1 vs. Type-2 hy­per­vi­sors. Each is char­ac­ter­ized by very specific ad­van­tages. The former is also the older version. Vir­tu­al­iza­tion with this tech­nol­o­gy was already being pursued in the 1960s.

Type-1 hy­per­vi­sor

The first type of hy­per­vi­sor is called a bare-metal hy­per­vi­sor or native hy­per­vi­sor. This kind of VMM is installed directly on the physical hardware, bypassing the host’s operating system. As a result, it must include all necessary device drivers. Resource con­sump­tion with a Type-1 hy­per­vi­sor is rel­a­tive­ly low because computing power doesn’t need to pass through the host operating system. This type of hy­per­vi­sor is primarily designed for users looking to set up a vir­tu­al­iza­tion server. However, for smaller home projects, a Type-1 hy­per­vi­sor tends to be too complex.

Image: Schematic representation of the functioning of the Type-1 hypervisor
A Type-1 hy­per­vi­sor sits directly on the hardware.

Type-2 hy­per­vi­sor

The second variant (also known as a hosted hy­per­vi­sor) requires an existing operating system, which is built on the physical hardware. A Type-2 hy­per­vi­sor is installed just like any other program. The VMM then manages the vir­tu­al­iza­tion. Device drivers do not need to be installed in the hy­per­vi­sor, as the actual operating system can simply pass them to the software. However, this con­ve­nience comes at the expense of per­for­mance. A sig­nif­i­cant portion of the resources are already consumed by the host’s operating system. Due to the easy in­stal­la­tion and con­fig­u­ra­tion, Type-2 hy­per­vi­sors are perfect for smaller projects.

Image: Schematic representation of the functioning of the Type-2 hypervisor
The Type-2 hy­per­vi­sor is installed on an existing operating system.
Compute Engine
The ideal IaaS for your workload
  • Cost-effective vCPUs and powerful dedicated cores
  • Flex­i­bil­i­ty with no minimum contract
  • 24/7 expert support included
Go to Main Menu